BlackShadow hackers breach Israeli hosting firm and extort customers
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services. [...]
Understanding the Human Communications Attack Surface
Companies should recognize that collaboration platforms aren't isolated, secure channels where traditional threats don't exist.
‘Trojan Source’ Bug Threatens the Security of All Code
Virtually all compilers -- programs that transform human-readable source code into computer-executable machine code -- are vulnerable to an insidious…
APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm
A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored…
DOJ: Pirated sports streamer hacked accounts, extorted MLB
The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA,…
Emergency Google Chrome update fixes zero-days used in attacks
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers have actively exploited.…
All Windows versions impacted by new LPE zero-day vulnerability
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that…
SEO Poisoning Used to Distribute Ransomware
This tactic — used to distribute REvil ransomware and the SolarMarker backdoor — is part of a broader increase in…
NSA and CISA share guidance on securing 5G cloud infrastructure
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking…
Microsoft: Shrootless bug lets hackers install macOS rootkits
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations,…